Implement cryptographic signature verification for wallet linking endpoint

[coderabbitai]

Description

The wallet linking endpoint at app/api/reputation/link-wallet/route.ts currently has signature verification mocked with isValidSignature = true (line 22). This needs to be replaced with real cryptographic verification before production release.

Context

Currently, any authenticated user can link any wallet address without proving ownership, which creates a security vulnerability.

Tasks

• Implement real signature verification using verifyMessage from ethers or viem
• Verify the recovered address matches the provided address
• Handle verification failures with appropriate 403 error responses
• Add proper error handling for invalid signatures

Related

• PR: feat: Implement a comprehensive reputation system  #67
• Review comment: feat: Implement a comprehensive reputation system  #67 (comment)
• Requested by: @Dprof-in-tech

Priority

This is a security issue and should be addressed before the reputation system goes to production.

[linear]

BOU-74